Note – this assumes that you are current on Windows updates, else the certificates do not roll over properly. The last two are separate but are often blended together.By default, the service communication certificate uses the same certificate as the Secure Sockets Layer (SSL) certificate.Users will be unable to access Office 365 services in most cases.The below are some images that you will most likely NOT want to see in production.If multiple Front-Ends have been recently decommissioned, run All your Lync front-end servers that are part of the pool are started Hence we don’t want to run Reset-Cs Pool Registrar State -Reset Type Quorum Loss Recovery as no front-end server have been decommissioned NOTE: If you large setup where Administrator does not wish to start the Lync services manually you can also use Reset-Cs Pool Registrar State -Pool Fqdn "Lync Fepool.contoso.com" -Reset Type Full Reset Please also note a full reset is time consuming process is a Microsoft technology used for creating highly reliable, distributable, and scalable applications such as Lync Server 2013.
If a certificate expires this can be summarised quite simply as not good!In the AD FS management console, the certificate expiration dates are highlighted.The Power Shell commands to get the same information on the AD FS servers are: Get-Adfs Certificate and Get-Adfs Ssl Certificate On the Web Application Proxy (WAP) servers we can use Get-Web Application Proxy Ssl Certificate. If you do not follow your process to renew AD FS certificates, or see the additional prompt in the Office 365 Portal, then expect the wheels to fall off the bus.If we then browse to the AD FS metadata page, IE is not happy either.
Clicking to continue on, we can then review the certificate.
That will walk you through renewing the token decryption and token signing certificates.